You can use the static_flaw_info endpoint of the Veracode Findings API to get additional information about a single finding discovered during a static analysis.
The Findings API is explained in Using the Findings REST API.
- Name of the scanned module
- Filepath to the file that contains the finding
- Name of the function that contains the finding
- Code line numbers where the finding exists
- Attack vectors associated with the request
- Calls in the associated call stack
Permissions and Authentication
The API provides improved security through HMAC authentication. Therefore, before using this API, you must configure your authentication.
Ensure you access the APIs with the domain for your region.
Static Finding Data Path API Specification
The static_flaw_info endpoint uses the Static Finding Data Path API specification available from SwaggerHub.